javascript detecing framebusting code

Question

I'll preface this by saying that I understand the security concerns behind the tendency to include framebusting code (that is, code designed to prevent a site from being shown within a frame) in sites, so I have no interest in trying to circumvent it.

That said, since it rather ruins the user experience on my site, is there any way to detect it, and, say, replace the included document with a link to opening the document in a new window?

If it's not possible through javascript, can it be detected server-side without having to resort to spidering the document?

Thanks, Wyatt

Answer 1

The answer is "no", since client-side scripts can't access data from other sites due to the same origin policy. It would be a serious security vulnerability if you could.

Answer 2

The problem is that there is quite a variety of frame-busting scripts being employed. Some will literally break out of the frame, others will simply empty document.body.innerHTML, and others will break out and show annoying alerts. If you create a list of possible variants then you could create a server-side proxy and filter these out. I can't think of any other way to do this -- is it absolutely necessary for you to be showing other sites in iframes?